一、主控
1.安装etcd数据库
-
[root@node1 ~]# yum -y install etcd
-
已加载插件:fastestmirror
-
Determining fastest mirrors
-
epel/x86_64/metalink
-
| 5.1 kB
-
00:00:00
-
* base: mirrors.aliyun.com
-
* epel: repo.jing.rocks
-
* extras: mirrors.aliyun.com
-
* updates: mirrors.aliyun.com
-
base
-
| 3.6 kB
-
00:00:00
-
extras
-
| 2.9 kB
-
00:00:00
-
updates
-
| 2.9 kB
-
00:00:00
-
没有可⽤软件包 fannel。
-
正在解决依赖关系
-
--> 正在检查事务
-
---> 软件包 etcd.x86_64.0.3.3.11-2.el7.centos 将
-
被 安装
-
--> 解决依赖关系完成
-
依赖关系解决
-
==================================================
-
==================================================
-
============
-
Package 架构 版本
-
源
-
⼤⼩
-
==================================================
-
==================================================
-
============
-
正在安装:
-
etcd x86_64
-
3.3.11-2.el7.centos extras
-
10 M
-
事务概要
-
==================================================
-
==================================================
-
============
-
安装 1 软件包
-
总下载量:10 M
-
安装⼤⼩:45 M
-
Downloading packages:
-
etcd-3.3.11-2.el7.centos.x86_64.rpm
-
| 10 MB
-
00:00:12
-
Running transaction check
-
Running transaction test
-
Transaction test succeeded
-
Running transaction
-
正在安装 : etcd-3.3.11-2.el7.centos.x86_64
-
1/1
-
验证中 : etcd-3.3.11-2.el7.centos.x86_64
-
1/1
-
已安装:
-
etcd.x86_64 0:3.3.11-2.el7.centos
-
完毕!
2.安装flanne
-
[root@node1 ~]# yum -y install flannel
-
已加载插件:fastestmirror
-
Loading mirror speeds from cached hostfile
-
* base: mirrors.aliyun.com
-
* epel: repo.jing.rocks
-
* extras: mirrors.aliyun.com
-
* updates: mirrors.aliyun.com
-
正在解决依赖关系
-
--> 正在检查事务
-
---> 软件包 flannel.x86_64.0.0.7.1-4.el7 将被 安
-
装
-
--> 解决依赖关系完成
-
依赖关系解决
-
==================================================
-
==================================================
-
============
-
Package 架构
-
版本 源
-
⼤⼩
-
==================================================
-
==================================================
-
============
-
正在安装:
-
flannel x86_64
-
0.7.1-4.el7 extras
-
7.5 M
-
事务概要
-
==================================================
-
==================================================
-
============
-
安装 1 软件包
-
总下载量:7.5 M
-
安装⼤⼩:41 M
-
Downloading packages:
-
flannel-0.7.1-4.el7.x86_64.rpm
-
| 7.5 MB
-
00:00:45
-
Running transaction check
-
Running transaction test
-
Transaction test succeeded
-
Running transaction
-
正在安装 : flannel-0.7.1-4.el7.x86_64
-
1/1
-
验证中 : flannel-0.7.1-4.el7.x86_64
-
1/1
-
已安装:
-
flannel.x86_64 0:0.7.1-4.el7
-
完毕!
3.修改etcd数据库配置
-
[root@node1 ~]# vim /etc/etcd/etcd.conf
-
[root@node1 ~]# cat /etc/etcd/etcd.conf
-
#[Member]
-
#ETCD_CORS=""
-
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
-
#ETCD_WAL_DIR=""
-
#ETCD_LISTEN_PEER_URLS="http://localhost:2380"
-
#
-
#-------------------------------------------------
-
-------------------
-
#ETCD_LISTEN_CLIENT_URLS="http://localhost:2379"
-
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379,http:
-
//0.0.0.0:4001"
-
#-------------------------------------------------
-
------------------
-
#ETCD_MAX_SNAPSHOTS="5"
-
#ETCD_MAX_WALS="5"
-
ETCD_NAME="default"
-
#ETCD_SNAPSHOT_COUNT="100000"
-
#ETCD_HEARTBEAT_INTERVAL="100"
-
#ETCD_ELECTION_TIMEOUT="1000"
-
#ETCD_QUOTA_BACKEND_BYTES="0"
-
#ETCD_MAX_REQUEST_BYTES="1572864"
-
#ETCD_GRPC_KEEPALIVE_MIN_TIME="5s"
-
#ETCD_GRPC_KEEPALIVE_INTERVAL="2h0m0s"
-
#ETCD_GRPC_KEEPALIVE_TIMEOUT="20s"
-
#
-
#[Clustering]
-
#ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhos
-
t:2380"
-
#
-
#
-
#-------------------------------------------------
-
-----
-
#ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379
-
"
-
ETCD_ADVERTISE_CLIENT_URLS="http://10.1.1.10:2379,
-
http://10.1.1.10:4001"
-
#-------------------------------------------------
-
-----
-
#ETCD_DISCOVERY=""
-
#ETCD_DISCOVERY_FALLBACK="proxy"
-
#ETCD_DISCOVERY_PROXY=""
-
#ETCD_DISCOVERY_SRV=""
-
#ETCD_INITIAL_CLUSTER="default=http://localhost:23
-
80"
-
#ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
-
#ETCD_INITIAL_CLUSTER_STATE="new"
-
#ETCD_STRICT_RECONFIG_CHECK="true"
-
#ETCD_ENABLE_V2="true"
-
#
-
#[Proxy]
-
#ETCD_PROXY="off"
-
#ETCD_PROXY_FAILURE_WAIT="5000"
-
#ETCD_PROXY_REFRESH_INTERVAL="30000"
-
#ETCD_PROXY_DIAL_TIMEOUT="1000"
-
#ETCD_PROXY_WRITE_TIMEOUT="5000"
-
#ETCD_PROXY_READ_TIMEOUT="0"
-
#
-
#[Security]
-
#ETCD_CERT_FILE=""
-
#ETCD_KEY_FILE=""
-
#ETCD_CLIENT_CERT_AUTH="false"
-
#ETCD_TRUSTED_CA_FILE=""
-
#ETCD_AUTO_TLS="false"
-
#ETCD_PEER_CERT_FILE=""
-
#ETCD_PEER_KEY_FILE=""
-
#ETCD_PEER_CLIENT_CERT_AUTH="false"
-
#ETCD_PEER_TRUSTED_CA_FILE=""
-
#ETCD_PEER_AUTO_TLS="false"
-
#
-
#[Logging]
-
#ETCD_DEBUG="false"
-
#ETCD_LOG_PACKAGE_LEVELS=""
-
#ETCD_LOG_OUTPUT="default"
-
#
-
#[Unsafe]
-
#ETCD_FORCE_NEW_CLUSTER="false"
-
#
-
#[Version]
-
#ETCD_VERSION="false"
-
#ETCD_AUTO_COMPACTION_RETENTION="0"
-
#
-
#[Profiling]
-
#ETCD_ENABLE_PPROF="false"
-
#ETCD_METRICS="basic"
-
#
-
#[Auth]
-
#ETCD_AUTH_TOKEN="simple"
4.启动数据库
[root@node1 ~]# systemctl start etcd.service
5.设置开机启动
-
[root@node1 ~]# systemctl enable etcd.service
-
Created symlink from /etc/systemd/system/multiuser.target.wants/etcd.service to
-
/usr/lib/systemd/system/etcd.service.
-
[root@node1 ~]# ss -anput|grep 2370
-
tcp ESTAB 0 0 127.0.0.1:34666
-
127.0.0.1:2370 users:
-
(("etcd",pid=1959,fd=11))
-
tcp LISTEN 0 128 [::]:2370
-
[::]:* users:
-
(("etcd",pid=1959,fd=6))
-
tcp ESTAB 0 0
-
[::ffff:127.0.0.1]:2370
-
[::ffff:127.0.0.1]:34666 users:
-
(("etcd",pid=1959,fd=15))
6.测试端⼝
-
[root@node1 ~]# netstat -lnput|grep 4001
-
tcp6 0 0 :::4001 :::*
-
LISTEN 1959/etcd
-
[root@node1 ~]# systemctl restart etcd.service
-
[root@node1 ~]# netstat -lnput|grep 2379
-
tcp6 0 0 :::2379 :::*
-
LISTEN 2028/etcd
7.测试数据库功能
-
[root@node1 ~]# etcdctl set testdir/testkey0 1000
-
1000
-
[root@node1 ~]# etcdctl get testdir/testkey0
-
1000
8.测试集群健康
-
[root@node1 ~]# etcdctl -C http://10.1.1.10:4001
-
cluster-health
-
member 8e9e05c52164694d is healthy: got healthy
-
result from http://10.1.1.10:2379
-
cluster is healthy
-
[root@node1 ~]# etcdctl -C http://10.1.1.10:2379
-
cluster-health
-
member 8e9e05c52164694d is healthy: got healthy
-
result from http://10.1.1.10:2379
-
cluster is healthy
9.修改flannel配置⽂件
-
[root@node1 ~]# vim /etc/sysconfig/flanneld
-
[root@node1 ~]# cat /etc/sysconfig/flanneld
-
# Flanneld configuration options
-
# etcd url location. Point this to the server
-
where etcd runs
-
# ------------------------------------------------
-
-------
-
FLANNEL_ETCD_ENDPOINTS="http://10.1.1.10:2379"
-
#-------------------------------------------------
-
-------
-
# etcd config key. This is the configuration key
-
that flannel queries
-
# For address range assignment
-
FLANNEL_ETCD_PREFIX="/atomic.io/network"
-
# Any additional options that you want to pass
-
#FLANNEL_OPTIONS=""
10.向数据库中存⼊⽹段信息
-
[root@node1 ~]# etcdctl mk
-
/atomic.io/network/config '{ "Network" :
-
"172.20.0.0/16" }'
-
{ "Network" : "172.20.0.0/16" }
-
[root@node1 ~]# etcdctl get
-
/atomic.io/network/config
-
{ "Network" : "172.20.0.0/16" }
11.启动并设置开机启动flanneld
-
[root@node1 ~]# systemctl start flanneld.service
-
[root@node1 ~]# systemctl enable flanneld.service
-
Created symlink from /etc/systemd/system/multiuser.target.wants/flanneld.service to
-
/usr/lib/systemd/system/flanneld.service.
-
Created symlink from
-
/etc/systemd/system/docker.service.wants/flanneld.
-
service to
-
/usr/lib/systemd/system/flanneld.service.
12.查看ip地址
-
[root@node1 ~]# ip a s
-
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc
-
noqueue state UNKNOWN group default qlen 1000
-
link/loopback 00:00:00:00:00:00 brd
-
00:00:00:00:00:00
-
inet 127.0.0.1/8 scope host lo
-
valid_lft forever preferred_lft forever
-
inet6 ::1/128 scope host
-
valid_lft forever preferred_lft forever
-
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
-
1500 qdisc pfifo_fast state UP group default qlen
-
1000
-
link/ether 00:0c:29:94:72:1b brd
-
ff:ff:ff:ff:ff:ff
-
inet 10.1.1.10/24 brd 10.1.1.255 scope global
-
ens33
-
valid_lft forever preferred_lft forever
-
inet6 fe80::20c:29ff:fe94:721b/64 scope link
-
valid_lft forever preferred_lft forever
-
3: flannel0:
-
<POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472
-
qdisc pfifo_fast state UNKNOWN group default qlen
-
500
-
link/none
-
inet 172.20.20.0/16 scope global flannel0
-
valid_lft forever preferred_lft forever
-
inet6 fe80::1fae:d70e:eb38:5ec9/64 scope link
-
flags 800
-
valid_lft forever preferred_lft forever
13.安装docker
-
[root@node1 ~]# source docker.sh
-
overlay
-
br_netfilter
-
net.bridge.bridge-nf-call-iptables = 1
-
net.bridge.bridge-nf-call-ip6tables = 1
-
net.ipv4.ip_forward = 1
-
* Applying /usr/lib/sysctl.d/00-system.conf ...
-
net.bridge.bridge-nf-call-ip6tables = 0
-
net.bridge.bridge-nf-call-iptables = 0
-
net.bridge.bridge-nf-call-arptables = 0
-
* Applying /usr/lib/sysctl.d/10-default-yamascope.conf ...
-
kernel.yama.ptrace_scope = 0
-
* Applying /usr/lib/sysctl.d/50-default.conf ...
-
kernel.sysrq = 16
-
kernel.core_uses_pid = 1
-
kernel.kptr_restrict = 1
-
net.ipv4.conf.default.rp_filter = 1
-
net.ipv4.conf.all.rp_filter = 1
-
net.ipv4.conf.default.accept_source_route = 0
-
net.ipv4.conf.all.accept_source_route = 0
-
net.ipv4.conf.default.promote_secondaries = 1
-
net.ipv4.conf.all.promote_secondaries = 1
-
fs.protected_hardlinks = 1
-
fs.protected_symlinks = 1
-
* Applying /etc/sysctl.d/99-sysctl.conf ...
-
* Applying /etc/sysctl.d/k8s.conf ...
-
net.bridge.bridge-nf-call-iptables = 1
-
net.bridge.bridge-nf-call-ip6tables = 1
-
net.ipv4.ip_forward = 1
-
* Applying /etc/sysctl.conf ...
-
已加载插件:fastestmirror
-
Loading mirror speeds from cached hostfile
-
* base: mirrors.aliyun.com
-
* epel: repo.jing.rocks
-
* extras: mirrors.aliyun.com
-
* updates: mirrors.aliyun.com
-
软件包 device-mapper-persistent-data-0.8.5-
-
3.el7_9.2.x86_64 已安装并且是最新版本
-
软件包 7:lvm2-2.02.187-6.el7_9.5.x86_64 已安装并
-
且是最新版本
-
正在解决依赖关系
-
--> 正在检查事务
-
---> 软件包 yum-utils.noarch.0.1.1.31-54.el7_8
-
将被 安装
-
--> 正在处理依赖关系 python-kitchen,它被软件包
-
yum-utils-1.1.31-54.el7_8.noarch 需要
-
--> 正在处理依赖关系 libxml2-python,它被软件包
-
yum-utils-1.1.31-54.el7_8.noarch 需要
-
--> 正在检查事务
-
---> 软件包 libxml2-python.x86_64.0.2.9.1-
-
6.el7_9.6 将被 安装
-
---> 软件包 python-kitchen.noarch.0.1.1.1-5.el7
-
将被 安装
-
--> 正在处理依赖关系 python-chardet,它被软件包
-
python-kitchen-1.1.1-5.el7.noarch 需要
-
--> 正在检查事务
-
---> 软件包 python-chardet.noarch.0.2.2.1-3.el7
-
将被 安装
-
--> 解决依赖关系完成
-
依赖关系解决
-
==================================================
-
==================================================
-
============
-
Package 架构
-
版本 源
-
⼤⼩
-
==================================================
-
==================================================
-
============
-
正在安装:
-
yum-utils noarch
-
1.1.31-54.el7_8 base
-
122 k
-
为依赖⽽安装:
-
libxml2-python x86_64
-
2.9.1-6.el7_9.6 updates
-
247 k
-
python-chardet noarch
-
2.2.1-3.el7 base
-
227 k
-
python-kitchen noarch
-
1.1.1-5.el7 base
-
267 k
-
事务概要
-
==================================================
-
==================================================
-
============
-
安装 1 软件包 (+3 依赖软件包)
-
总下载量:863 k
-
安装⼤⼩:4.3 M
-
Downloading packages:
-
(1/4): yum-utils-1.1.31-54.el7_8.noarch.rpm
-
| 122 kB
-
00:00:00
-
libxml2-python-2.9.1-6.el7_9.6 FAILED
-
http://mirrors.cloud.aliyuncs.com/centos/7/updates
-
/x86_64/Packages/libxml2-python-2.9.1-
-
6.el7_9.6.x86_64.rpm: [Errno 14] curl#6 - "Could
-
not resolve host: mirrors.cloud.aliyuncs.com;
-
Unknown error"
-
正在尝试其它镜像。
-
python-chardet-2.2.1-3.el7.noa FAILED
-
http://mirrors.cloud.aliyuncs.com/centos/7/os/x86_
-
64/Packages/python-chardet-2.2.1-3.el7.noarch.rpm:
-
[Errno 14] curl#6 - "Could not resolve host:
-
mirrors.cloud.aliyuncs.com; Unknown error"
-
正在尝试其它镜像。
-
(2/4): libxml2-python-2.9.1-6.el7_9.6.x86_64.rpm
-
| 247 kB
-
00:00:01
-
(3/4): python-chardet-2.2.1-3.el7.noarch.rpm
-
| 227 kB
-
00:00:07
-
python-kitchen-1.1.1-5.el7.noa FAILED
-
http://mirrors.aliyuncs.com/centos/7/os/x86_64/Pac
-
kages/python-kitchen-1.1.1-5.el7.noarch.rpm:
-
[Errno 14] curl#7 - "Failed connect to
-
mirrors.aliyuncs.com:80; Connection refused"
-
正在尝试其它镜像。
-
(4/4): python-kitchen-1.1.1-5.el7.noarch.rpm
-
| 267 kB
-
00:00:01
-
--------------------------------------------------
-
--------------------------------------------------
-
------------
-
总计
-
38 kB/s | 863 kB
-
00:00:22
-
Running transaction check
-
Running transaction test
-
Transaction test succeeded
-
Running transaction
-
正在安装 : python-chardet-2.2.1-3.el7.noarch
-
1/4
-
正在安装 : python-kitchen-1.1.1-5.el7.noarch
-
2/4
-
正在安装 : libxml2-python-2.9.1-
-
6.el7_9.6.x86_64
-
3/4
-
正在安装 : yum-utils-1.1.31-54.el7_8.noarch
-
4/4
-
验证中 : python-kitchen-1.1.1-5.el7.noarch
-
1/4
-
验证中 : yum-utils-1.1.31-54.el7_8.noarch
-
2/4
-
验证中 : libxml2-python-2.9.1-
-
6.el7_9.6.x86_64
-
3/4
-
验证中 : python-chardet-2.2.1-3.el7.noarch
-
4/4
-
已安装:
-
yum-utils.noarch 0:1.1.31-54.el7_8
-
作为依赖被安装:
-
libxml2-python.x86_64 0:2.9.1-6.el7_9.6
-
python-chardet.noarch 0:2.2.1-3.el7
-
python-kitchen.noarch 0:1.1.1-5.el7
-
完毕!
-
已加载插件:fastestmirror
-
adding repo from:
-
https://mirrors.aliyun.com/dockerce/linux/centos/docker-ce.repo
-
grabbing file https://mirrors.aliyun.com/dockerce/linux/centos/docker-ce.repo to
-
/etc/yum.repos.d/docker-ce.repo
-
repo saved to /etc/yum.repos.d/docker-ce.repo
-
已加载插件:fastestmirror
-
Loading mirror speeds from cached hostfile
-
* base: mirrors.aliyun.com
-
* epel: repo.jing.rocks
-
* extras: mirrors.aliyun.com
-
* updates: mirrors.aliyun.com
-
docker-ce-stable
-
| 3.5 kB
-
00:00:00
-
(1/2): docker-ce-stable/7/x86_64/updateinfo
-
| 55 B
-
00:00:10
-
(2/2): docker-ce-stable/7/x86_64/primary_db
-
| 152 kB
-
00:00:11
-
正在解决依赖关系
-
--> 正在检查事务
-
---> 软件包 containerd.io.x86_64.0.1.6.33-
-
3.1.el7 将被 安装
-
--> 正在处理依赖关系 container-selinux >= 2:2.74,
-
它被软件包 containerd.io-1.6.33-3.1.el7.x86_64 需要
-
---> 软件包 docker-buildxplugin.x86_64.0.0.14.1-1.el7 将被 安装
-
---> 软件包 docker-ce.x86_64.3.26.1.4-1.el7 将被
-
安装
-
--> 正在处理依赖关系 docker-ce-rootless-extras,它
-
被软件包 3:docker-ce-26.1.4-1.el7.x86_64 需要
-
--> 正在处理依赖关系 libcgroup,它被软件包
-
3:docker-ce-26.1.4-1.el7.x86_64 需要
-
---> 软件包 docker-ce-cli.x86_64.1.26.1.4-1.el7
-
将被 安装
-
---> 软件包 docker-composeplugin.x86_64.0.2.27.1-1.el7 将被 安装
-
--> 正在检查事务
-
---> 软件包 container-selinux.noarch.2.2.119.2-
-
1.911c772.el7_8 将被 安装
-
--> 正在处理依赖关系 policycoreutils-python,它被软
-
件包 2:container-selinux-2.119.2-
-
1.911c772.el7_8.noarch 需要
-
---> 软件包 docker-ce-rootlessextras.x86_64.0.26.1.4-1.el7 将被 安装
-
--> 正在处理依赖关系 fuse-overlayfs >= 0.7,它被软
-
件包 docker-ce-rootless-extras-26.1.4-1.el7.x86_64
-
需要
-
--> 正在处理依赖关系 slirp4netns >= 0.4,它被软件包
-
docker-ce-rootless-extras-26.1.4-1.el7.x86_64 需要
-
---> 软件包 libcgroup.x86_64.0.0.41-21.el7 将被
-
安装
-
--> 正在检查事务
-
---> 软件包 fuse-overlayfs.x86_64.0.0.7.2-
-
6.el7_8 将被 安装
-
--> 正在处理依赖关系 libfuse3.so.3(FUSE_3.2)
-
(64bit),它被软件包 fuse-overlayfs-0.7.2-
-
6.el7_8.x86_64 需要
-
--> 正在处理依赖关系 libfuse3.so.3(FUSE_3.0)
-
(64bit),它被软件包 fuse-overlayfs-0.7.2-
-
6.el7_8.x86_64 需要
-
--> 正在处理依赖关系 libfuse3.so.3()(64bit),它被软
-
件包 fuse-overlayfs-0.7.2-6.el7_8.x86_64 需要
-
---> 软件包 policycoreutils-python.x86_64.0.2.5-
-
34.el7 将被 安装
-
--> 正在处理依赖关系 setools-libs >= 3.3.8-4,它被
-
软件包 policycoreutils-python-2.5-34.el7.x86_64 需
-
要
-
--> 正在处理依赖关系 libsemanage-python >= 2.5-
-
14,它被软件包 policycoreutils-python-2.5-
-
34.el7.x86_64 需要
-
--> 正在处理依赖关系 audit-libs-python >= 2.1.3-
-
4,它被软件包 policycoreutils-python-2.5-
-
34.el7.x86_64 需要
-
--> 正在处理依赖关系 python-IPy,它被软件包
-
policycoreutils-python-2.5-34.el7.x86_64 需要
-
--> 正在处理依赖关系 libqpol.so.1(VERS_1.4)
-
(64bit),它被软件包 policycoreutils-python-2.5-
-
34.el7.x86_64 需要
-
--> 正在处理依赖关系 libqpol.so.1(VERS_1.2)
-
(64bit),它被软件包 policycoreutils-python-2.5-
-
34.el7.x86_64 需要
-
--> 正在处理依赖关系 libapol.so.4(VERS_4.0)
-
(64bit),它被软件包 policycoreutils-python-2.5-
-
34.el7.x86_64 需要
-
--> 正在处理依赖关系 checkpolicy,它被软件包
-
policycoreutils-python-2.5-34.el7.x86_64 需要
-
--> 正在处理依赖关系 libqpol.so.1()(64bit),它被软
-
件包 policycoreutils-python-2.5-34.el7.x86_64 需要
-
--> 正在处理依赖关系 libapol.so.4()(64bit),它被软
-
件包 policycoreutils-python-2.5-34.el7.x86_64 需要
-
---> 软件包 slirp4netns.x86_64.0.0.4.3-4.el7_8
-
将被 安装
-
--> 正在检查事务
-
---> 软件包 audit-libs-python.x86_64.0.2.8.5-
-
4.el7 将被 安装
-
---> 软件包 checkpolicy.x86_64.0.2.5-8.el7 将被
-
安装
-
---> 软件包 fuse3-libs.x86_64.0.3.6.1-4.el7 将被
-
安装
-
---> 软件包 libsemanage-python.x86_64.0.2.5-
-
14.el7 将被 安装
-
---> 软件包 python-IPy.noarch.0.0.75-6.el7 将被
-
安装
-
---> 软件包 setools-libs.x86_64.0.3.3.8-4.el7 将
-
被 安装
-
--> 解决依赖关系完成
-
依赖关系解决
-
==================================================
-
==================================================
-
============
-
Package 架构 版
-
本 源
-
⼤⼩
-
==================================================
-
==================================================
-
============
-
正在安装:
-
containerd.io x86_64
-
1.6.33-3.1.el7 docker-cestable 35 M
-
docker-buildx-plugin x86_64
-
0.14.1-1.el7 docker-cestable 14 M
-
docker-ce x86_64
-
3:26.1.4-1.el7 docker-cestable 27 M
-
docker-ce-cli x86_64
-
1:26.1.4-1.el7 docker-cestable 15 M
-
docker-compose-plugin x86_64
-
2.27.1-1.el7 docker-cestable 13 M
-
为依赖⽽安装:
-
audit-libs-python x86_64
-
2.8.5-4.el7 base
-
76 k
-
checkpolicy x86_64
-
2.5-8.el7 base
-
295 k
-
container-selinux noarch
-
2:2.119.2-1.911c772.el7_8 extras
-
40 k
-
docker-ce-rootless-extras x86_64
-
26.1.4-1.el7 docker-cestable 9.4 M
-
fuse-overlayfs x86_64
-
0.7.2-6.el7_8 extras
-
54 k
-
fuse3-libs x86_64
-
3.6.1-4.el7 extras
-
82 k
-
libcgroup x86_64
-
0.41-21.el7 base
-
66 k
-
libsemanage-python x86_64
-
2.5-14.el7 base
-
113 k
-
policycoreutils-python x86_64
-
2.5-34.el7 base
-
457 k
-
python-IPy noarch
-
0.75-6.el7 base
-
32 k
-
setools-libs x86_64
-
3.3.8-4.el7 base
-
620 k
-
slirp4netns x86_64
-
0.4.3-4.el7_8 extras
-
81 k
-
事务概要
-
==================================================
-
==================================================
-
============
-
安装 5 软件包 (+12 依赖软件包)
-
总下载量:116 M
-
安装⼤⼩:407 M
-
Downloading packages:
-
(1/17): container-selinux-2.119.2-
-
1.911c772.el7_8.noarch.rpm
-
| 40 kB 00:00:00
-
(2/17): audit-libs-python-2.8.5-4.el7.x86_64.rpm
-
| 76 kB
-
00:00:02
-
(3/17): checkpolicy-2.5-8.el7.x86_64.rpm
-
| 295 kB
-
00:00:03
-
warning: /var/cache/yum/x86_64/7/docker-cestable/packages/docker-buildx-plugin-0.14.1-
-
1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature,
-
key ID 621e9f35: NOKEY
-
docker-buildx-plugin-0.14.1-1.el7.x86_64.rpm 的公钥
-
尚未安装
-
(4/17): docker-buildx-plugin-0.14.1-
-
1.el7.x86_64.rpm
-
| 14 MB 00:02:11
-
(5/17): containerd.io-1.6.33-3.1.el7.x86_64.rpm
-
| 35 MB
-
00:05:22
-
(6/17): docker-ce-cli-26.1.4-1.el7.x86_64.rpm
-
| 15 MB
-
00:00:35
-
(7/17): docker-ce-26.1.4-1.el7.x86_64.rpm
-
| 27 MB
-
00:03:50
-
(8/17): fuse-overlayfs-0.7.2-6.el7_8.x86_64.rpm
-
| 54 kB
-
00:00:03
-
(9/17): libcgroup-0.41-21.el7.x86_64.rpm
-
| 66 kB
-
00:00:03
-
(10/17): fuse3-libs-3.6.1-4.el7.x86_64.rpm
-
| 82 kB
-
00:00:03
-
(11/17): libsemanage-python-2.5-14.el7.x86_64.rpm
-
| 113 kB
-
00:00:02
-
(12/17): python-IPy-0.75-6.el7.noarch.rpm
-
| 32 kB
-
00:00:00
-
(13/17): policycoreutils-python-2.5-
-
34.el7.x86_64.rpm
-
| 457 kB 00:00:05
-
(14/17): slirp4netns-0.4.3-4.el7_8.x86_64.rpm
-
| 81 kB
-
00:00:02
-
(15/17): setools-libs-3.3.8-4.el7.x86_64.rpm
-
| 620 kB
-
00:00:02
-
(16/17): docker-compose-plugin-2.27.1-
-
1.el7.x86_64.rpm
-
| 13 MB 00:01:28
-
(17/17): docker-ce-rootless-extras-26.1.4-
-
1.el7.x86_64.rpm |
-
9.4 MB 00:01:33
-
--------------------------------------------------
-
--------------------------------------------------
-
------------
-
总计
-
262 kB/s | 116 MB
-
00:07:31
-
从 https://mirrors.aliyun.com/dockerce/linux/centos/gpg 检索密钥
-
导⼊ GPG key 0x621E9F35:
-
⽤户ID : "Docker Release (CE rpm)
-
<docker@docker.com>"
-
指纹 : 060a 61c5 1b55 8a7f 742b 77aa c52f
-
eb6b 621e 9f35
-
来⾃ : https://mirrors.aliyun.com/dockerce/linux/centos/gpg
-
Running transaction check
-
Running transaction test
-
Transaction test succeeded
-
Running transaction
-
正在安装 : libcgroup-0.41-21.el7.x86_64
-
1/17
-
正在安装 : docker-buildx-plugin-0.14.1-
-
1.el7.x86_64
-
2/17
-
正在安装 : setools-libs-3.3.8-4.el7.x86_64
-
3/17
-
正在安装 : audit-libs-python-2.8.5-
-
4.el7.x86_64
-
4/17
-
正在安装 : slirp4netns-0.4.3-4.el7_8.x86_64
-
5/17
-
正在安装 : libsemanage-python-2.5-
-
14.el7.x86_64
-
6/17
-
正在安装 : python-IPy-0.75-6.el7.noarch
-
7/17
-
正在安装 : fuse3-libs-3.6.1-4.el7.x86_64
-
8/17
-
正在安装 : fuse-overlayfs-0.7.2-6.el7_8.x86_64
-
9/17
-
正在安装 : checkpolicy-2.5-8.el7.x86_64
-
10/17
-
正在安装 : policycoreutils-python-2.5-
-
34.el7.x86_64
-
11/17
-
正在安装 : 2:container-selinux-2.119.2-
-
1.911c772.el7_8.noarch
-
12/17
-
正在安装 : containerd.io-1.6.33-3.1.el7.x86_64
-
13/17
-
正在安装 : docker-compose-plugin-2.27.1-
-
1.el7.x86_64
-
14/17
-
正在安装 : 1:docker-ce-cli-26.1.4-1.el7.x86_64
-
15/17
-
正在安装 : docker-ce-rootless-extras-26.1.4-
-
1.el7.x86_64
-
16/17
-
正在安装 : 3:docker-ce-26.1.4-1.el7.x86_64
-
17/17
-
验证中 : docker-compose-plugin-2.27.1-
-
1.el7.x86_64
-
1/17
-
验证中 : checkpolicy-2.5-8.el7.x86_64
-
2/17
-
验证中 : fuse3-libs-3.6.1-4.el7.x86_64
-
3/17
-
验证中 : python-IPy-0.75-6.el7.noarch
-
4/17
-
验证中 : fuse-overlayfs-0.7.2-6.el7_8.x86_64
-
5/17
-
验证中 : libsemanage-python-2.5-
-
14.el7.x86_64
-
6/17
-
验证中 : slirp4netns-0.4.3-4.el7_8.x86_64
-
7/17
-
验证中 : 2:container-selinux-2.119.2-
-
1.911c772.el7_8.noarch
-
8/17
-
验证中 : containerd.io-1.6.33-3.1.el7.x86_64
-
9/17
-
验证中 : 3:docker-ce-26.1.4-1.el7.x86_64
-
10/17
-
验证中 : 1:docker-ce-cli-26.1.4-1.el7.x86_64
-
11/17
-
验证中 : policycoreutils-python-2.5-
-
34.el7.x86_64
-
12/17
-
验证中 : docker-ce-rootless-extras-26.1.4-
-
1.el7.x86_64
-
13/17
-
验证中 : audit-libs-python-2.8.5-
-
4.el7.x86_64
-
14/17
-
验证中 : setools-libs-3.3.8-4.el7.x86_64
-
15/17
-
验证中 : docker-buildx-plugin-0.14.1-
-
1.el7.x86_64
-
16/17
-
验证中 : libcgroup-0.41-21.el7.x86_64
-
17/17
-
已安装:
-
containerd.io.x86_64 0:1.6.33-3.1.el7
-
docker-buildx-plugin.x86_64 0:0.14.1-1.el7
-
docker-ce.x86_64 3:26.1.4-1.el7
-
docker-ce-cli.x86_64 1:26.1.4-1.el7
-
docker-compose-plugin.x86_64 0:2.27.1-1.el7
-
作为依赖被安装:
-
audit-libs-python.x86_64 0:2.8.5-4.el7
-
checkpolicy.x86_64 0:2.5-8.el7
-
container-selinux.noarch 2:2.119.2-
-
1.911c772.el7_8 docker-ce-rootlessextras.x86_64 0:26.1.4-1.el7
-
fuse-overlayfs.x86_64 0:0.7.2-6.el7_8
-
fuse3-libs.x86_64 0:3.6.1-4.el7
-
libcgroup.x86_64 0:0.41-21.el7
-
libsemanage-python.x86_64 0:2.5-14.el7
-
policycoreutils-python.x86_64 0:2.5-34.el7
-
python-IPy.noarch 0:0.75-6.el7
-
setools-libs.x86_64 0:3.3.8-4.el7
-
slirp4netns.x86_64 0:0.4.3-4.el7_8
-
完毕!
14.docker服务没有开启之前查看ip
-
[root@node1 ~]# ifconfig
-
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>
-
mtu 1500
-
inet 10.1.1.10 netmask 255.255.255.0
-
broadcast 10.1.1.255
-
inet6 fe80::20c:29ff:fe94:721b prefixlen
-
64 scopeid 0x20<link>
-
ether 00:0c:29:94:72:1b txqueuelen 1000
-
(Ethernet)
-
RX packets 105369 bytes 146824987 (140.0
-
MiB)
-
RX errors 0 dropped 0 overruns 0 frame
-
0
-
TX packets 39963 bytes 3021936 (2.8 MiB)
-
TX errors 0 dropped 0 overruns 0 carrier
-
0 collisions 0
-
flannel0:
-
flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>
-
mtu 1472
-
inet 172.20.20.0 netmask 255.255.0.0
-
destination 172.20.20.0
-
inet6 fe80::1fae:d70e:eb38:5ec9 prefixlen
-
64 scopeid 0x20<link>
-
unspec 00-00-00-00-00-00-00-00-00-00-00-
-
00-00-00-00-00 txqueuelen 500 (UNSPEC)
-
RX packets 0 bytes 0 (0.0 B)
-
RX errors 0 dropped 0 overruns 0 frame
-
0
-
TX packets 3 bytes 144 (144.0 B)
-
TX errors 0 dropped 0 overruns 0 carrier
-
0 collisions 0
-
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
-
inet 127.0.0.1 netmask 255.0.0.0
-
inet6 ::1 prefixlen 128 scopeid
-
0x10<host>
-
loop txqueuelen 1000 (Local Loopback)
-
RX packets 993 bytes 65146 (63.6 KiB)
-
RX errors 0 dropped 0 overruns 0 frame
-
0
-
TX packets 993 bytes 65146 (63.6 KiB)
-
TX errors 0 dropped 0 overruns 0 carrier
-
0 collisions 0
15.启动docker服务后查看ip
-
[root@node1 ~]# systemctl start docker.service
-
[root@node1 ~]# ifconfig
-
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu
-
1500
-
inet 172.17.0.1 netmask 255.255.0.0
-
broadcast 172.17.255.255
-
ether 02:42:ba:f0:5f:1e txqueuelen 0
-
(Ethernet)
-
RX packets 0 bytes 0 (0.0 B)
-
RX errors 0 dropped 0 overruns 0 frame
-
0
-
TX packets 0 bytes 0 (0.0 B)
-
TX errors 0 dropped 0 overruns 0 carrier
-
0 collisions 0
-
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>
-
mtu 1500
-
inet 10.1.1.10 netmask 255.255.255.0
-
broadcast 10.1.1.255
-
inet6 fe80::20c:29ff:fe94:721b prefixlen
-
64 scopeid 0x20<link>
-
ether 00:0c:29:94:72:1b txqueuelen 1000
-
(Ethernet)
-
RX packets 105431 bytes 146830165 (140.0
-
MiB)
-
RX errors 0 dropped 0 overruns 0 frame
-
0
-
TX packets 40003 bytes 3028954 (2.8 MiB)
-
TX errors 0 dropped 0 overruns 0 carrier
-
0 collisions 0
-
flannel0:
-
flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>
-
mtu 1472
-
inet 172.20.20.0 netmask 255.255.0.0
-
destination 172.20.20.0
-
inet6 fe80::1fae:d70e:eb38:5ec9 prefixlen
-
64 scopeid 0x20<link>
-
unspec 00-00-00-00-00-00-00-00-00-00-00-
-
00-00-00-00-00 txqueuelen 500 (UNSPEC)
-
RX packets 0 bytes 0 (0.0 B)
-
RX errors 0 dropped 0 overruns 0 frame
-
0
-
TX packets 3 bytes 144 (144.0 B)
-
TX errors 0 dropped 0 overruns 0 carrier
-
0 collisions 0
-
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
-
inet 127.0.0.1 netmask 255.0.0.0
-
inet6 ::1 prefixlen 128 scopeid
-
0x10<host>
-
loop txqueuelen 1000 (Local Loopback)
-
RX packets 1001 bytes 65562 (64.0 KiB)
-
RX errors 0 dropped 0 overruns 0 frame
-
0
-
TX packets 1001 bytes 65562 (64.0 KiB)
-
TX errors 0 dropped 0 overruns 0 carrier
-
0 collisions 0
16.查看flannel⼦⽹ip
-
[root@node1 ~]# cat /run/flannel/subnet.env
-
FLANNEL_NETWORK=172.20.0.0/16
-
FLANNEL_SUBNET=172.20.20.1/24
-
FLANNEL_MTU=1472
-
FLANNEL_IPMASQ=false
17.从其他主机复制⼀份daemon.json⽂件
-
[root@node1 ~]# scp
-
root@10.1.1.50:/etc/docker/daemon.json
-
/etc/docker/
-
root@10.1.1.50's password:
-
daemon.json
-
100% 385 111.9KB/s
-
00:00
18.修改添加桥ip和路由字节1472-1500
-
[root@node1 ~]# vim /etc/docker/daemon.json
-
[root@node1 ~]# cat /etc/docker/daemon.json
-
{
-
"insecure-registries":[
-
"http://10.1.1.50"
-
],
-
"registry-mirrors": [
-
"https://do.nark.eu.org",
-
"https://dc.j8.work",
-
"https://docker.m.daocloud.io",
-
"https://dockerproxy.com",
-
"https://docker.mirrors.ustc.edu.cn",
-
"https://docker.nju.edu.cn"
-
],
-
"hosts": [
-
"tcp://0.0.0.0:2375",
-
"unix:///var/run/docker.sock"
-
],
-
"bip": "172.20.20.1/24",
-
"mtu": 1472
-
}
19.修改docker配置⽂件
-
[root@node1 ~]# vim
-
/usr/lib/systemd/system/docker.service
20.加载配置,重启docker服务
-
[root@node1 ~]# systemctl daemon-reload
-
[root@node1 ~]# systemctl restart docker.service
21.查看ip地址
-
[root@node1 ~]# ip a s
-
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc
-
noqueue state UNKNOWN group default qlen 1000
-
link/loopback 00:00:00:00:00:00 brd
-
00:00:00:00:00:00
-
inet 127.0.0.1/8 scope host lo
-
valid_lft forever preferred_lft forever
-
inet6 ::1/128 scope host
-
valid_lft forever preferred_lft forever
-
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
-
1500 qdisc pfifo_fast state UP group default qlen
-
1000
-
link/ether 00:0c:29:94:72:1b brd
-
ff:ff:ff:ff:ff:ff
-
inet 10.1.1.10/24 brd 10.1.1.255 scope global
-
ens33
-
valid_lft forever preferred_lft forever
-
inet6 fe80::20c:29ff:fe94:721b/64 scope link
-
valid_lft forever preferred_lft forever
-
3: flannel0:
-
<POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472
-
qdisc pfifo_fast state UNKNOWN group default qlen
-
500
-
link/none
-
inet 172.20.20.0/16 scope global flannel0
-
valid_lft forever preferred_lft forever
-
inet6 fe80::1fae:d70e:eb38:5ec9/64 scope link
-
flags 800
-
valid_lft forever preferred_lft forever
-
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP>
-
mtu 1472 qdisc noqueue state DOWN group default
-
link/ether 02:42:ba:f0:5f:1e brd
-
ff:ff:ff:ff:ff:ff
-
inet 172.20.20.1/24 brd 172.20.20.255 scope
-
global docker0
-
valid_lft forever preferred_lft forever
22.拉取⼀个镜像测试ip地址
-
[root@node1 ~]# docker pull centos
-
Using default tag: latest
-
latest: Pulling from library/centos
-
a1d0c7532777: Pull complete
-
Digest:
-
sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534b
-
bdee55bd6c473f432b177
-
Status: Downloaded newer image for centos:latest
-
docker.io/library/centos:latest
-
[root@node1 ~]# docker run -it centos:latest
-
/bin/bash
-
[root@be00f4423f5b /]# [root@node1 ~]# docker
-
images
-
REPOSITORY TAG IMAGE ID CREATED
-
SIZE
-
centos latest 5d0da3dc9764 2 years ago
-
23
二、从控
1.安装flannel
yum -y install flannel
2.配置flanner 配置flannel要访问的etcd数据库所在的位置
-
root@localhost ~]# cat /etc/sysconfig/flanneld
-
# Flanneld configuration options
-
# etcd url location. Point this to the server
-
where etcd runs
-
FLANNEL_ETCD_ENDPOINTS="http://192.168.71.10:2379"
-
# etcd config key. This is the configuration key
-
that flannel queries
-
# For address range assignment
-
FLANNEL_ETCD_PREFIX="/atomic.io/network"
-
# Any additional options that you want to pass
-
#FLANNEL_OPTIONS=""
3.启动flannel
systemctl star flanneld
4.查看flannel分配的ip⽹段
-
[root@localhost ~]# cat /run/flannel/subnet.env
-
FLANNEL_NETWORK=172.20.0.0/16
-
FLANNEL_SUBNET=172.20.99.1/24
-
FLANNEL_MTU=1472
-
FLANNEL_IPMASQ=false
5.安装docker
6.将flannel分配⽹段写⼊到daemon.json
-
[root@localhost ~]# cat /etc/docker/daemon.json
-
{
-
"registry-mirrors": [
-
"https://do.nark.eu.org",
-
"https://dc.j8.work",
-
"https://docker.m.daocloud.io",
-
"https://dockerproxy.com",
-
"https://docker.mirrors.ustc.edu.cn",
-
"https://docker.nju.edu.cn"
-
],
-
"hosts": [
-
"tcp://0.0.0.0:2375",
-
"unix:///var/run/docker.sock"
-
],
-
"insecure-registries":[
-
"http://192.168.71.50:5000"
-
],
-
"bip" : "172.20.99.1/24",
-
"mtu" : 1472
-
}
-
[root@localhost ~]#
7.重启docaker 如果不能重启,就修改⼀下远程管理
systemctl restart docker.service
8.拉取⼀个centos镜像
-
docker pull centos
-
docker run -it centos:latest /bin/bash
9.ping node1中容器的ip地址
ping 172.20.78.2
总结,⼯作原理
1.使⽤flanner为docker主机(宿主)分配⽹段
2.⽹段的信息以及ip的信息保存在etcd数据库中
3.当flanner开始运⾏的时候,会从etcd数据库中读取{"Network":"172.20.0.0/16"},随机为当前的主机添加⼀个flannel0⽹课172.20.78.0
4.配置docker的daemon⽂件,让docker0⽹卡变成和flannel的⽹段⼀致,之后docker下创建的容器的ip就在flannel的⽹段控制之内